package com.imooc.sm.controller;

import com.imooc.sm.entity.Staff;
import com.imooc.sm.service.SelfService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * 登录（含权限）和个人中心修改密码一体控制
 */
@Controller("selfController")
public class SelfController {

    @Autowired
    private SelfService selfService;

    /*用于识别是超级管理员、管理员、员工*/
    private boolean flag;

    private boolean superFlag;

    private boolean errLog = true;

    private String errPass = null;

    //      /toLogin.do
    public synchronized void toLogin(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        /*退出登录*/
        if (errLog == true) {
            request.setAttribute("hi", "hidden");
        }
        if (errLog == false) {
            request.setAttribute("hi", "");
        }
        flag = false;
        superFlag = false;
        request.getRequestDispatcher("login.jsp").forward(request, response);
    }

    //      /login.do
    public synchronized void login(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String account = request.getParameter("account");
        String password = request.getParameter("password");

        Staff staff = selfService.login(account, password);


        if (staff == null) {
            //如果在登录验证时，有输入错误，则errLog为false
            errLog = false;

            response.sendRedirect("toLogin.do");
//            response.getWriter().print("<script>alert('您的输入有误')</script>");
        } else {
            if ("管理员".equals(staff.getStatus())) {
                flag = true;
            }

            if ("超级管理员".equals(staff.getStatus())) {
                flag = true;
                superFlag = true;
            }
            //避免登录校验报错影响退出时的信息泄露
            errLog = true;
            HttpSession session = request.getSession();
            session.setAttribute("USER", staff);
            session.setAttribute("flag", flag);
            session.setAttribute("superFlag", superFlag);
            response.sendRedirect("main.do");
//            request.getRequestDispatcher(request.getContextPath()+"/main.do").forward(request,response);
        }
    }


    //      /logout.do 退出
    public void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        HttpSession session = request.getSession();
        session.setAttribute("USER", null);
        session.setAttribute("flag", null);
        session.setAttribute("superFlag", null);
        response.sendRedirect("toLogin.do");
    }

    //      /main.do
    public void main(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        //登录后跳转到系统界面，要把两把权限锁设置为false避免 用户越界权限登录
        request.getRequestDispatcher("index.jsp").forward(request, response);
    }

    //      /self/info.do
    public synchronized void info(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.getRequestDispatcher("../info.jsp").forward(request, response);
    }

    //      /self/toChangePassword.do
    public void toChangePassword(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        request.getRequestDispatcher("../change_password.jsp").forward(request, response);
    }

    //      /self/changePassword.do
    public void changePassword(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String password = request.getParameter("password");
        String password1 = request.getParameter("password1");
        HttpSession session = request.getSession();
        session.setAttribute("errMessage", null);
        Staff staff = (Staff) session.getAttribute("USER");
        if (!staff.getPassword().equals(password)) {
            errPass = "密码有误";
            session.setAttribute("errMessage", errPass);
            response.sendRedirect("toChangePassword.do"); //相当于重新输入不过是清空信息了
        } else {
            /*把原来的对象密码替换掉*/
            errPass = "修改成功";
            session.setAttribute("errMessage", errPass);
            staff = selfService.changePassword(staff.getId(), password1);
            session.setAttribute("USER", staff);
            response.sendRedirect("toChangePassword.do"); //相当于重新输入不过是清空信息了
            //如何保存之后跳转回首页
            //response.getWriter().print("<script type=\"text/javascript\">parent.location.href=\"../logout.do\"</script>");
        }

    }

    // 研究登录失败，报错信息带有时间轴，信息自动销毁的办法
    // public void errLogin(){
    //        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("ss");
    //        String c = simpleDateFormat.format(new Date());
    //        Integer m = Integer.valueOf(c);
    //
    //        /*m范围0~60*/
    //        if (m == 56) {
    //            m = Integer.valueOf(simpleDateFormat.format(new Date()));
    //            if (m == 0) {
    //
    //            }
    //        } else {
    //            if (m == m + 4) {
    //                // request.setAttribute("hidden",null);
    //            }
    //        }
    //    }

}
